<?php
@session_start();
class Order extends Controller {

    function __construct() {
        parent::__construct();
    }

    function index() {
        $sql = new sql();
        $serverreply = "";
        if (@$_POST['continue']) {
            $this->view->hiddenData['salutation'] = @$_POST['salutation'];
            $this->view->hiddenData['fname'] = @$_POST['fname'];
            $this->view->hiddenData['lname'] = @$_POST['lname'];
            $this->view->hiddenData['email'] = @$_POST['email'];
            $this->view->hiddenData['zipcode'] = @$_POST['zipcode'];
            $this->view->hiddenData['address'] = @$_POST['address'];
            $this->view->hiddenData['state'] = @$_POST['state'];
            $this->view->hiddenData['city'] = @$_POST['city'];
            $this->view->hiddenData['phone'] = @$_POST['phone'];
            $this->view->hiddenData['country'] = @$_POST['country'];
            $this->view->plan = @$_POST['plan'];
            $this->view->price = str_replace("%24", "$", @$_POST['price']);
            $this->view->planeprice = str_replace("%24", "", @$_POST['price']);
        }
        if (@$_POST['btnSubmit']) {
            if (@$_POST['codex'] == $_SESSION['security_code']) {
                $this->view->hiddenData['salutation'] = @$_POST['salutation'];
                $this->view->hiddenData['fname'] = @$_POST['fname'];
                $this->view->hiddenData['lname'] = @$_POST['lname'];
                $this->view->hiddenData['email'] = @$_POST['email'];
                $this->view->hiddenData['zipcode'] = @$_POST['zipcode'];
                $this->view->hiddenData['address'] = @$_POST['address'];
                $this->view->hiddenData['state'] = @$_POST['state'];
                $this->view->hiddenData['city'] = @$_POST['city'];
                $this->view->hiddenData['phone'] = @$_POST['phone'];
                $this->view->hiddenData['country'] = @$_POST['country'];
                $this->view->plan = @$_POST['plan'];
                $this->view->price = str_replace("%24", "$", @$_POST['price']);
                $this->view->planeprice = str_replace("$", "", @$_POST['price']);

                $this->view->hiddenData['drpgateway'] = @$_POST['drpgateway'];
                $this->view->hiddenData['drpCardType'] = @$_POST['drpCardType'];
                $this->view->hiddenData['txtCreditcardno'] = @$_POST['txtCreditcardno'];
                $this->view->hiddenData['drpExpMonth'] = @$_POST['drpExpMonth'];
                $this->view->hiddenData['expyear'] = @$_POST['expyear'];
                $this->view->hiddenData['nameoncard'] = @$_POST['nameoncard'];
                $this->view->hiddenData['cvv'] = @$_POST['cvv'];

                $expyear = substr($this->view->hiddenData['expyear'], -2);

                if (@$_POST['drpgateway'] == 'Authorize') {
                    //                //$post_url = "https://test.authorize.net/gateway/transact.dll";
                    $post_url = AUTHORISEDURL;

                    $post_values = array(
                        "x_login" => AUTHORISEDLOGIN,
                        "x_tran_key" => AUTHORISEDTRANSACTION,
                        "x_version" => "3.1",
                        "x_delim_data" => "TRUE",
                        "x_delim_char" => "|",
                        "x_relay_response" => "FALSE",
                        "x_type" => "AUTH_CAPTURE",
                        "x_method" => "CC",
                        "x_card_num" => $this->view->hiddenData['txtCreditcardno'],
                        "x_exp_date" => $this->view->hiddenData['drpExpMonth'] . $expyear,
                        "x_amount" => $this->view->planeprice,
                        "x_description" => $this->view->plan,
                        "x_first_name" => $this->view->hiddenData['fname'],
                        "x_last_name" => $this->view->hiddenData['lname'],
                        "x_address" => $this->view->hiddenData['address'],
                        "x_state" => $this->view->hiddenData['state'],
                        "x_city" => $this->view->hiddenData['city'],
                        "x_country" => $this->view->hiddenData['country'],
                        "x_phone" => $this->view->hiddenData['phone'],
                        "x_email" => $this->view->hiddenData['email'],
                        "x_customer_ip" => $_SERVER['REMOTE_ADDR'],
                        "x_zip" => $this->view->hiddenData['zipcode']
                    );
                    $post_string = "";
                    foreach ($post_values as $key => $value) {
                        $post_string .= "$key=" . urlencode($value) . "&";
                    }
                    $post_string = rtrim($post_string, "& ");
                    $request = curl_init($post_url); // initiate curl object
                    curl_setopt($request, CURLOPT_HEADER, 0); // set to 0 to eliminate header info from response
                    curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1)
                    curl_setopt($request, CURLOPT_POSTFIELDS, $post_string); // use HTTP POST to send form data
                    curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); // uncomment this line if you get no gateway response.
                    $post_response = curl_exec($request); // execute curl post and store results in $post_response
                    curl_close($request); // close curl object
                    $response_array = explode($post_values["x_delim_char"], $post_response);
                    if(isset($response_array[3])){
					$serverreply = $response_array[3];
                    if ($serverreply == 'This transaction has been approved.') {
                        $this->view->serverreply = 'We have received your Payment. Thank You.';
                        header('Location: ' . URL . 'order/?price=' . $this->view->price . '&plan=' . urlencode($this->view->plan) . '&step=3&serverreply=' . urlencode($this->view->serverreply));
                    } elseif ($serverreply == 'A duplicate transaction has been submitted.') {
                        $this->view->serverreply = 'Page has been resubmitted. We can not proceed this transaction.';
                        $errorpayment = 1;
                    } else {
                        $this->view->serverreply = $serverreply;
                        $errorpayment = 1;
                        @$_POST['steps'] = 0;
                    }
					}
					else{
					 $this->view->serverreply = "Something happen wrong. Payment not proceed. Please try again.";
                        $errorpayment = 1;
                        @$_POST['steps'] = 0;
					}
                } 
                elseif (@$_POST['drpgateway'] == 'Paypal') {

                    function NVPToArray($NVPString) {
                        $proArray = array();
                        while (strlen($NVPString)) {
                            // name
                            $keypos = strpos($NVPString, '=');
                            $keyval = substr($NVPString, 0, $keypos);
                            // value
                            $valuepos = strpos($NVPString, '&') ? strpos($NVPString, '&') : strlen($NVPString);
                            $valval = substr($NVPString, $keypos + 1, $valuepos - $keypos - 1);
                            // decoding the respose
                            $proArray[$keyval] = urldecode($valval);
                            $NVPString = substr($NVPString, $valuepos + 1, strlen($NVPString));
                        }
                        return $proArray;
                    }

                   /* $API_UserName = urlencode(PAYPALUSERNAME);
                    $API_Password = urlencode(PAYPALPASSWORD);
                    $API_Signature = urlencode(PAYPALSIGNATURE);
                   */
                    $API_UserName = urlencode('wikitudedeveloper-facilitator_api1.gmail.com');
                    $API_Password = urlencode('8BNEWE5M7YN9HSQ3');
                    $API_Signature = urlencode('AFcWxV21C7fd0v3bYYYRCpSSRl31AAcQ7omasOpQ.935GN.N-DQS55P2');
                    
                    $api_endpoint = PAYPALENDPOINT;
                    $api_version = urlencode('51.0');
                    $request_params = array
                        (
                        'METHOD' => 'DoDirectPayment',
                        'USER' => $API_UserName,
                        'PWD' => $API_Password,
                        'SIGNATURE' => $API_Signature,
                        'VERSION' => $api_version,
                        'PAYMENTACTION' => 'Sale',
                        'IPADDRESS' => $_SERVER['REMOTE_ADDR'],
                        'CREDITCARDTYPE' => $this->view->hiddenData['drpCardType'],
                        'ACCT' => $this->view->hiddenData['txtCreditcardno'],
                        'EXPDATE' => $this->view->hiddenData['drpExpMonth'] . $this->view->hiddenData['expyear'],
                        'CVV2' => $this->view->hiddenData['cvv'],
                        'FIRSTNAME' => $this->view->hiddenData['fname'],
                        'LASTNAME' => $this->view->hiddenData['lname'],
                        'STREET' => $this->view->hiddenData['address'],
                        'CITY' => $this->view->hiddenData['city'],
                        'STATE' => $this->view->hiddenData['state'],
                        'COUNTRYCODE' => $this->view->hiddenData['country'],
                        'ZIP' => $this->view->hiddenData['zipcode'],
                        'AMT' => $this->view->planeprice,
                        'CURRENCYCODE' => 'USD',
                        'DESC' => $this->view->plan
                    );
                    $nvp_string = '';
                    foreach ($request_params as $var => $val) {
                        $nvp_string .= '&' . $var . '=' . urlencode($val);
                    }
echo $nvp_string;
                    exit;
                    $curl = curl_init();
                    curl_setopt($curl, CURLOPT_VERBOSE, 1);
                    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
                    curl_setopt($curl, CURLOPT_TIMEOUT, 30);
                    curl_setopt($curl, CURLOPT_URL, $api_endpoint);
                    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($curl, CURLOPT_POSTFIELDS, $nvp_string);

                    $result = curl_exec($curl);

                    curl_close($curl);

                    $result_array = NVPToArray($result);
//                echo '<pre>';
//                print_r($result_array);
//                echo '</pre>';
//                die();


                    if ($result_array['ACK'] == 'Success') {
                        $this->view->serverreply = 'We have received your Payment. Thank You.';
                        header('Location: ' . URL . 'order/?price=' . $this->view->price . '&plan=' . urlencode($this->view->plan) . '&step=3&serverreply=' . urlencode($this->view->serverreply));
                    } else {
                        $this->view->serverreply = $result_array['L_LONGMESSAGE0'];
                        $errorpayment = 1;
                        @$_POST['steps'] = 0;
                    }
                }
            } else {
//                echo @$_POST['codex'].'  '.$_SESSION['security_code'];
//                die();
                $this->view->serverreply = "Invalid Security Code. Please try again..";

                header('Location: ' . URL . 'order/?price=' . GET('price') . '&plan=' . GET('plan') . '&step=1&serverreply=' . urlencode($this->view->serverreply));
            }
        }

        if (@$_POST['steps']) {
            $this->view->step = @$_POST['steps'] + 1;
            $this->view->plan = urlencode(@$_POST['plan']);
            $this->view->price = str_replace("%24", "$", @$_POST['price']);
            $this->view->url = URL . "order/?price=" . $this->view->price . "&plan=" . $this->view->plan . "&step=2";
        } else {
            $this->view->step = 2;
            $this->view->plan = GET('plan');
            $this->view->price = str_replace("%24", "$", GET('price'));
            $this->view->url = URL . "order/?price=" . str_replace("%24", "$", GET('price')) . "&plan=" . GET('plan') . "&step=2";
        }

        $this->view->render('order');
    }

}
